Base64 Code | Mnemonic Aid | Decoded* | Description |
---|---|---|---|
JAB | 🗣 Jabber | $. | Variable declaration (UTF-16), e.g. JABlAG4AdgA for $env: |
TVq | 📺 Television | MZ | MZ header |
SUVY | 🚙 SUV | IEX | PowerShell Invoke Expression |
SQBFAF | 🐣 Squab favorite | I.E. | PowerShell Invoke Expression (UTF-16) |
SQBuAH | 🐣 Squab uahhh | I.n. | PowerShell Invoke string (UTF-16) e.g. Invoke-Mimikatz |
PAA | 💪 "Pah!" | <. | Often used by Emotet (UTF-16) |
The gist that used to be here has since been implemented as a complete pip-installable package: https://github.com/anqxyr/mkepub
This notice is left here as a courtesy to the people who starred/bookmarked this gist in the past.
It's possible to run a custom (instead of hypervisor-managed) kernel for use with Debian 8.x on a DigitalOcean droplet.
We'll build one with grsecurity, "an extensive security enhancement to the Linux kernel that defends against a wide range of security threats through intelligent access control, memory corruption-based exploit prevention, and a host of other system hardening".
Note: The stable patches for Linux 3.14.x and 3.2.x are not publicly available anymore, so we'll be applying the free 4.3.x (test) patch. The URLs and filenames in this document may become outdated, so fetch the latest from grsecurity.net and kernel.org.
Install dependencies:
The purpose of this document is to make recommendations on how to browse in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies.
I welcome contributions and comments on the information contained. Please see the How to Contribute section for information on contributing your own knowledge.
Andy Greenberg of WIRED reports that the FBI has finally revealed how they allegedly located the server on which Silk Road was hosted, and it didn't require parallel construction. http://www.wired.com/2014/09/the-fbi-finally-says-how-it-legally-pinpointed-silk-roads-server
It was a security fail.
According to FBI agent Christopher Tarbell, as related by Greenberg: "They found a misconfiguration in an element of the Silk Road login page, which revealed its internet protocol (IP) address and thus its physical location... And when they entered that IP address directly into a browser, the Silk Road's CAPTCHA prompt appeared."
While I can only speculate about what gave away the IP address, here are a few suggestions for avoiding the latter problem, which should make your .onions slightly more secure.
First off, the webserver never should have responded to HTTP requests on the server's IP address. Only traffic which comes through the Tor hidden service, which connects to the webserver's port 80 on the loopback in |
/etc/make.conf
WITH_PKGNG= yes
WITH_PGSQL_VER= 93
DEFAULT_VERSIONS= ruby=2.1 python=2.7
commands
% cd /usr/ports/ports-mgmt/pkg
% make install clean
#!/bin/sh
#
# PROVIDE: mysql
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable mysqlmulti:
#
# mysqlmulti_enable (bool): Set it to "YES" to enable uwsgi
# Default is "NO". |
# collect
# global
# states entries|searches|inserts|removals [diff]
# counters match|bad-offset|fragment|...|synproxy [diff]
# (see pfctl -si output, same strings)
# interface name pass|block packets|bytes in|out v4|v6 [diff]
# queue name passed|dropped|other packets|bytes|number [diff]
collect 1 = interface "nfe0" pass bytes in ipv4 diff
collect 2 = interface "nfe0" pass bytes out ipv4 diff |
# source : http://code.google.com/p/natvpn/source/browse/trunk/stun_server_list
# A list of available STUN servers.
stun.l.google.com:19302
stun1.l.google.com:19302
stun2.l.google.com:19302
stun3.l.google.com:19302
stun4.l.google.com:19302
stun01.sipphone.com | |
stun.ekiga.net |